.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Social Engineering Techniques, the Stealth Bomber, and You!
by Geoff Yeagley on May 2, 2017 at 9:45 AM
We write a lot on this blog about the different Social Engineering Techniques that are being used by bad actors today. We do this to educate you on the threats that are out there and the methods that these organizations will use to achieve their main goal: Steal sensitive information …
Why Your Information Security Program Must Evolve...NOW!
by Geoff Yeagley on April 12, 2017 at 10:39 AM
Note: For the purposes of this blog post, we are going to be looking at breach data for the United States only in 2016 2016 was a record year when it comes to data breaches, according to the Identity Theft Resource Center. According to the center, there were a total of 1,093 breaches …
What is Social Engineering? Part III
by Derek Morris on April 11, 2017 at 10:00 AM
What is Social Engineering? In this blog, I would like to shed some light on some other types of social engineering and provide some context on how to protect your business and self. In my first two blogs, I jumped into the Phishing and Spear Phishing pieces of a social engineering at …
What is PCI Compliance?
by Kyle Daun on April 6, 2017 at 10:00 AM
What is PCI Compliance? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that regardless of size or number of transactions, any business that accepts, processes, stores or transmits credit card information maintains a secure …
What is Social Engineering? The Phishing Email
by Derek Morris on April 4, 2017 at 9:30 AM
What is Social Engineering? Part 2 The seemingly most common way for an attacker to use social engineering to gain entry, exfiltrate information or disrupt business is through email phishing. As I mentioned in the previous blog, slick tactics like using nicknames and shockingly proper …
PCI Compliance Requirements: Some Tools to Help With Requirement 10!
by Derek Morris on March 29, 2017 at 10:00 AM
PCI Requirement 10 states: Track and monitor all access to network resources and cardholder data Logging mechanisms and the ability to track user activities are critical in preventing, detecting and minimizing the impact of a data compromise. The presence of logs in all environments a …